You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've opened a can of worms by starting looking into the OIDC tenant resolution optimization. But I'm glad we started looking into it as a few hidden issues have been discovered, one of them is that the the automatic session cookie splitting feature, when the value length is >= 4096 is in fact broken. This is not a blocker as the other existing options for managing large session cookies work.
The tests are passing because HtmlUnit does not act as a real browser. But Chrome, Firefox do drop the cookies whose values are <= 4096. The reason is simple: it is the total Set-Cookie expression length which must not exceed 4096 bytes, it includes the name, and all attributes like Expires, Path, Domain.
I've spent days chasing some unexpected test failures before I pinned it down
Expected behavior
No response
Actual behavior
No response
How to Reproduce?
No response
Output of uname -a or ver
No response
Output of java -version
No response
Quarkus version or git rev
No response
Build tool (ie. output of mvnw --version or gradlew --version)
No response
Additional information
No response
The text was updated successfully, but these errors were encountered:
Describe the bug
I've opened a can of worms by starting looking into the OIDC tenant resolution optimization. But I'm glad we started looking into it as a few hidden issues have been discovered, one of them is that the the automatic session cookie splitting feature, when the value length is >= 4096 is in fact broken. This is not a blocker as the other existing options for managing large session cookies work.
The tests are passing because HtmlUnit does not act as a real browser. But Chrome, Firefox do drop the cookies whose values are <= 4096. The reason is simple: it is the total
Set-Cookieexpression length which must not exceed 4096 bytes, it includes the name, and all attributes likeExpires,Path,Domain.I've spent days chasing some unexpected test failures before I pinned it down
Expected behavior
No response
Actual behavior
No response
How to Reproduce?
No response
Output of
uname -aorverNo response
Output of
java -versionNo response
Quarkus version or git rev
No response
Build tool (ie. output of
mvnw --versionorgradlew --version)No response
Additional information
No response
The text was updated successfully, but these errors were encountered: